Has a deceptive email header. Check message headers
carefully to see who the sender really is. Phishers use colors,
logos and phrasing from companies and universities to make their
communication seem genuine and mimic a legitimate email
Directs you to a website that looks legitimate, but is
not. Sometimes the phisher uses a URL that appears similar
to a genuine source’s URL in order to trick you. To
avoid being fooled:
Make sure the URL for any form matches the trusted place you
intend to go.
Hover your mouse over a link without clicking it to see the
Do an Internet search for the actual company URL.
Asks you to give, update, validate or confirm your
Requiresan immediate response such as,
“You must respond within 24 hours”.
Threatensdire consequences if you do
Contains forms or dialogue boxes that prompt you to
enter your PII.
Is not a secure page. Before entering any PII, be sure a page is security enabled
(starts with https, not http). Never fill
in forms you receive in email, or ones you were directed to by an
unsolicited message, pop-up or text.
Contains spelling and grammatical errors.
Fails to address you by your name and instead
addresses you as “Client,” “User” or
Appears to be from a reliable source. Phishers disguise
themselves as reliable, familiar sources like a bank,
telephone or computer companies.
Promises services or rewards that are too good to be
true like offers on coupons or promises to remove computer
viruses. This is often a way of gaining access to your email
address or computer itself.
Tries to entice you by offering you the latest
technology. Phishers will often use products like iPads,
phones, laptops, and flat screen televisions to get your email
address or phone number.
Looks like a suspicious update by a friend on a social media
network. Scammers target popular social media sites and use
messages or updates from friends as a way to lure you to sites
requesting your PII.